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DETAILED ACTION 
Continued Examination Under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.1 14, and the fee set 
forth in 37 CFR 1 .1 7(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.1 14. Applicant's submission filed on 15 May 
2006 has been entered. 

Declarations under 37 CFR 1.131 

2. Applicants submitted the declarations under 37 CFR 1 .131 to swear behind the 
Ayi reference. However, the declarations are not sufficient to overcome the Ayi 
reference for the following reasons: 

3. The evidence submitted is insufficient to establish diligence from a date prior to 
the date of reduction to practice of the Ayi reference to either a constructive reduction to 
practice or an actual reduction to practice. A general allegation that the invention was 
completed prior to the date of the reference is not sufficient. Ex parte Saunders, 1883 
CD. 23, 23 O.G. 1224 (Comm'r Pat. 1883). Similarly, a declaration by the inventors to 
the effect that their invention was conceived or reduced to practice prior to the reference 
date, without a statement of facts demonstrating the correctness of this conclusion, is 
insufficient to satisfy 37 CFR 1.131. See also MPEP §715.07. 
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4. The affidavit or declaration and exhibits must clearly explain which facts or data 
applicant is relying on to show completion of his or her invention prior to the particular 
date. Vague and general statements in broad terms about what the exhibits describe 
along with a general assertion that the exhibits describe a reduction to practice 
"amounts essentially to mere pleading, unsupported by proof or a showing of facts" and, 
thus, does not satisfy the requirements of 37 CFR 1.131(b). In re Borkowski, 505 F.2d 
713, 184 USPQ 29 (CCPA 1974). Applicant must give a clear explanation of the exhibits 
pointing out exactly what facts are established and relied on by applicant. 505 F.2d at 
718-19, 184 USPQ at 33. See also In re Harry, 333 F.2d 920, 142 USPQ 164 (CCPA 

1 964) (Affidavit "asserts that facts exist but does not tell what they are or when they 
occurred."). See MPEP §715.07. 

5. For example, in the independent claim 1 , limitations "receiving, within a database 
management system... ", "determining which policies..." and "for each operation in the 
operation set..." correspond to which part(s) of the applicants' Exhibits. Similar 
comments from the above also apply to claims 6, 21 , and 26. 

6. Applicants are requested to specifically point out or map particular portions of the 
Exhibit and dates that correspond to specific limitations of the claims in the Applicant 
submitted Declaration Under 37 C.F.R. § 1.131. 

7. Accordingly, Applicants have not established prior invention. The rejection is 
maintained. 
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Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

This application currently names joint inventors. In considering patentability of 
the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 
the various claims was commonly owned at the time any inventions covered therein 
were made absent any evidence to the contrary. Applicant is advised of the obligation 
under 37 CFR 1.56 to point out the inventor and invention dates of each claim that was 
not commonly owned at the time a later invention was made in order for the examiner to 
consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 
prior art under 35 U.S.C. 103(a). 

9. Claims 1-5 and 21-25 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Ayi et al. (hereinafter "Ayi", Pub. No.: US 2002/0143735) in view of Hart 
(5,787,428). 

As per claim 1 , Ayi teaches a method for managing access to data in a database 
subject to a plurality of label-based security policies, the method comprising the steps 
of: 
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receiving, within a database management system, a request for performing an 
operation set of one or more operations on data in a table of the database (Ayi, page 1 , 
[0006] - [0008]); 

determining which policies, of the plurality of label-based policies, apply to the 
table based on a policy set of one or more policies associated with the table(Ayi, page 
1; [0006] [0008]). 

Ayi discloses determining whether to perform an operation/access on a dataset 
based on the label associated with the dataset (Ayi, page 1 , [0006]). 

Ayi does not explicitly disclose whether to perform the operation on a row, of the 
table. Hart teaches determining whether to perform the operation on a row of the table 
based on a set of labels associated with the row (Hart, Fig. 4-8, col. 6, lines 5-19). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to modify the access control system of Ayi by incorporating 
determining whether to perform the operation on a row of the table based on a set of 
labels associated with the row as disclosed by Hart (Hart, Fig. 4-8, col. 6, lines 5-19). 
The motivation being to provide different security level and access management for 
different rows in the table. 
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As per claim 2, Ayi and Hart teach all the claimed subject matters as discussed in 
claim 1 , and further teach adding a policy column to the table for each policy in the 
policy set associated with the table (Hart, Fig. 4). 

As per claim 3, Ayi and Hart teach all the claimed subject matters as discussed in 
claim 2, and further teach storing a label, of the set of labels associated with the row, in 
a corresponding policy column of the row (Hart, Fig. 4). 

As per claim 4, Ayi and Hart teach all the claimed subject matters as discussed in 
claim 2, and further teach said step of determining which policies apply further 
comprising the step of determining whether a column is a policy column (Hart, Fig. 4-8, 
col. 6, lines 5-19). 

As per claim 5, Ayi and Hart teach all the claimed subject matters as discussed in 
claim 1 , and further teach the policy set associated with the table includes two or more 
policies of the plurality of label-based policies (Ayi, page 1 , [0006]-[0008], Hart, Fig. 
4-8). 

Claims 21-25 are rejected on grounds corresponding to the reasons given above 
for claims 1-5. 
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10. Claims 6-20 and 26-40 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Hayman et al. (hereinafter "Hayman", 5,859,966) in view of Ayi et al. 
(hereinafter "Ayi", Pub. No.: US 2002/0143735 A1). 

As per claim 6, Hayman discloses a method for managing access to data in on a 
policy set of one or more label-based security policies, the method comprising the steps 
of: 

registering one or more packages of routines, wherein each package of said one 
or more packages implements a security model that supports a model set of one or 
more policies of the policy set and said each package includes an access mediation 
routine (Hayman, col. 8, line 67 col. 9, line 14, col. 9, line 56 - col. 10, line 4, Hayman 
teaches incorporate and installation security software which inherently includes 
registering one or more package of routines, furthermore, applicant admits that 
registering one or more packages of routines are well known in the art, please see 
specification, page 17, 2nd to last line - page 18, line 2); 

associating a first policy of a first model set in a first package with an object 
(Hayman, col. 5, lines 18-60, Hayman teaches labels/policies are applied to each 
object. Please note the labels are plural, which inherently includes a first policy, a 
second policy, etc); and 

invoking the access mediation routine in the first package to determining whether 
to allow operation on data based on the first policy (Hayman, col. 3, line 44 - col. 4, line 
50, col. 9, line 55 - col. 10, line 4). 
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Hayman teaches the security policy is applied to an object, however, Hayman 
does not explicitly disclose the object is a first table within the database system. Ayi 
teaches applies labels to tables in the database system (Ayi, page 1, [0006]-[0008]). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to modify the security system of Hayman by applying the 
labels/policies to tables in the database system as disclosed by Ayi. The motivation 
being to control access to the data in a table of the database system. 

As per claim 7, Hayman and Ayi teach all the claimed subject matters as 
discussed in claim 6, and further teach forming said each package of said one or more 
packages so that the access mediation routine conforms to a specified interface for 
enforcing a policy in the database management system (Hayman, con. 9, lines 1-13). 

As per claim 8, Hayman and Ayi teach all the claimed subject matters as 
discussed in claim 7, and further teach said each package further comprising including 
one or more administrative routines for defining a policy for the model set (Hayman, 
con. 9, line 55 - con. 10, line 4). 



As per claim 9, Hayman and Ayi teach all the claimed subject matters as 
discussed in claim 8, and further teach one or more administrative routines for defining 
a policy further comprising including one or more administrative routines for defining a 
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name for a particular policy; labels for the particular policy; descriptions for the labels; 
and properties for the labels (Hayrnan, con. 5, lines 18-60). 

As per claim 10, Hayrnan and Ayi teach all the claimed subject matters as 
discussed in claim 6, and further teach invoking an administrative routine of the first 
package for defining the first policy (Hayrnan, con. 5, lines 18-60). 

As per claim 1 1 , Hayrnan and Ayi teach all the claimed subject matters as 
discussed in claim 10, and further teach invoking the administrative routine of the first 
package further comprising providing to the administrative routine of the first package a 
plurality of parameters including a policy name for the first policy and a plurality of label 
names for labels of the first policy (Hayrnan, col. 5, lines 18-60, col. 6, lines 45-67). 

As per claim 12, Hayrnan and Ayi teach all the claimed subject matters as 
discussed in claim 6, and further teach in response to attempts to operate on data in a 
row in the table, the step of determining that the first policy applies to the table 
(Hayrnan, col. 5, lines 25-39, Ayi, page 1, [0006]-[00081). 

As per claim 13, Hayrnan and Ayi teach all the claimed subject matters as 
discussed in claim 6, and further teach associating a second policy of a second model 
set in a second package with a second table within the database system; and invoking 
the access mediation routine in the second package for determining whether to allow 
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operation on data in the second table based on the second policy (Ayi, page 1 , 
[0006]-[0008]). 

As per claim 14, Hayman and Ayi teach all the claimed subject matters as 
discussed in claim 13, and further teach the second model in the second package is the 
same as the first model in the first package (Hayman, col. 5, lines 25-60, Ayi, page 1 , 
[0006]-[0008]). 

As per claim 15, Hayman and Ayi teach all the claimed subject matters as 
discussed in claim 13, and further teach the second model in the second package is 
different from the first model in the first package (Hayman, col. 5, lines 25-60, Ayi, page 
1, [0006]-[0008]). 

As per claim 16, Hayman and Ayi teach all the claimed subject matters as 
discussed in claim 13, and further teaches the second table is the same as the first 
table (Hayman, col. 5, lines 25-60, Ayi, page 1., [0006]-[0008]). 

As per claim 17, Hayman and Ayi teach all the claimed subject matters as 
discussed in claim 13, and further teach the second table is different from the first table 
(Hayman, Col. 5, lines 25-60, Ayi, page 1 , [0006]-[0008]). 
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As per claim 18, Hayman and Ayi teach all the claimed subject matters as 
discussed in claim 6, and further teach invoking the access mediation routine in the first 
package further, comprising providing data indicating the first policy to the access 
mediation routine (Hayman, Col. 9, line 55 - Col 10, line 4). 

As per claim 19, Hayman and Ayi teach all the claimed subject matters as 
discussed in claim 6, and further teach the method further comprises the step of 
determining a set of allowed labels for the first policy for a user of the database 
management system; said step of invoking the access mediation routine is performed 
during said step of determining the set of allowed labels; and the user is allowed to 
operate on the data according to the first policy if the data is associated with a label for 
the first policy and the label is included in the set of allowed labels for the first policy 
(Hayman, Col. 5, lines 25-60, col. 9, line 55 - Col. 10, line 4). 

As per claim 20, Hayman and Ayi teach all the claimed subject matters as 
discussed in claim 19, and further teach storing the set of allowed labels in a session 
cache for a communication session between the database management system and the 
user (Hayman, Col. 8, lines 54-67, Ayi, page 1, [0006]-[0008]). 

Claims 26-40 are rejected on grounds corresponding to the reasons given above 
for claims 6-20. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Leslie Wong whose telephone number is (571 ) 272- 
4120. The examiner can normally be reached on Monday to Friday 9:30am - 6:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, CHARLES RONES can be reached on (571) 272-4085. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




Leslie Wong 

Primary Patent Examiner 
Art Unit 2164 
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